Thanks for all your responses. It is a requirement placed upon us by the security organization to audit all activities of users having the DBA role. I know this will cause additional overhead, but it is limited to a handful of users. I have been reading several documents and think I found the proper way to configure auditing for this scenario. AUDIT ALL BY <dbauser1, dbauser2, etc> BY ACCESS; Then I have to add.... AUDIT INSERT, UPDATE, DELETE, ALTER TABLE, EXECUTE PROCEDURE, etc. BY <dbauser1, dbauser2, etc> BY ACCESS; Then when anyone grants DBA to a new user they will need to set up auditing for that particular user, just another step when creating privileged users. The oracle documents I was reading did not do a great job of illustrating how to audit actions of a single user, but some other websites supplied the necessary information. I also found out AUDIT ALL does not audit "all" :-) Thanks again, Bill On Nov 10, 2011, at 1:57 PM, Powell, Mark wrote: > Do you really need to audit DBA users? What about auditing actions such as > audit table, audit view, audit procedure, etc ... so all create table, alter > table, and drop table etc... have an audit record created for the action. > > You can also turn auditing on for user SYS activities. > > Between the two features above you get a manageable but pretty decent record > of DDL actions. > > > -----Original Message----- > From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On > Behalf Of Bill Zakrzewski > Sent: Thursday, November 10, 2011 10:17 AM > To: oracle-l@xxxxxxxxxxxxx L > Subject: AUDIT question > > Environment: > > Oracle 9.2.0.8.0 > HP-UX 11.11 > > > We would like to audit all activities of the oracle users that have the DBA > role granted. My initial thought was to create a logon trigger to check for > the DBA role and turn auditing on for that particular session, but I do not > believe that is an option. Any ideas? > > Thanks, > Bill-- > //www.freelists.org/webpage/oracle-l > > > -- > //www.freelists.org/webpage/oracle-l > > > -- //www.freelists.org/webpage/oracle-l